Networking :: Making A Gateway Ssh To Tunnel The Traffic?
Sep 28, 2010
1.Making a Home server connect using ssh tunnel to a remote server ( to bypass proxy )
2. Making the home server accept connections as a gateway and forward anything that comes to it to the ssh tunnel connection of the remote server.
3. Making any client that puts the home server as a gateway in the network configuration gets a the tunnel connection to the remote server.
Home Server: ubuntu
Remote server: ubuntu
View 1 Replies
ADVERTISEMENT
Nov 8, 2010
I'm new to iptable configuration. I've set up a VPN using DD-WRT on my router and it works fine. However the VPN company does not allow port 25 traffic (in case of spammers) so now I can't get my emails sent out.
I'm guessing I can add some rules to my iptable so that all traffic except port 25 traffic can go out through the VPN tunnel. And hopefully, all port 25 traffic will go out through the normal Internet connection.code...
View 2 Replies
View Related
May 20, 2010
I'm currently tunnelling to my Ubuntu pc at home from my laptop in order to bypass my schools false-positive prone filter. Is there a way to record traffic that both comes to and is delivered by my pc?
View 1 Replies
View Related
Apr 17, 2011
How do you set up a linux workstation to act as a gateway for all other PC's in the LAN giving them internal IP's using DHCP, but which also forces all access to the internet to go through a proxy running inside the same linux workstation at 127.0.0.1:9666?the proxy is provided by ultrasurf and run using wine and we do not want to set applications one by one to use a proxy - it must be an automatic effect.
View 3 Replies
View Related
Dec 12, 2010
I installed the PPTP Client [URL] and can successfully connect to my VPN (creates interface ppp0). The problem is, I'm trying to tunnel all of my traffic on my system through the connection. I've seen conflicting howtos and scripts including pptpclient's documentation (the ip-up and ip-down scripts don't work). How does one simply (even if I type it manually) tunnel the traffic?
System Info:
OS: Debian Squeeze, Kernel 2.6.32-5-686
GUI: Gnome (standard one from netisnt unstable install)
Main interface: eth1
PPTP interface: ppp0
View 1 Replies
View Related
Aug 9, 2010
I know this has probably been solved multiple times, but I've searched the forum to no avail. I have a PPTP server setup properly with all ports forwarded correctly. A remote machine can connect and authenticate just fine. They get their IP assigned and everything.
The problem is that no traffic is being routed through the tunnel. Or, rather it is but the server doesn't seem to handle it. In a web browser I just get an error message. On a windows client I ran ipconfig and found a gateway address had not been assigned through the VPN tunnel. Could this be the problem? If so, how can I fix it?
View 1 Replies
View Related
Sep 21, 2010
Here is what I need to accomplish but somehow not getting where I need:
Server A:
-OpenVPN Server
-NIC1 = Internet (vnet - public IP address)
-Tun0 - 172.16.0.1
Server B:
-OpenVPN Client - Connects to Server A as a Client.
[Code]...
View 4 Replies
View Related
Feb 3, 2011
I have an Ubuntu VPS running 10.10 x86_64
This is what is in my /etc/network/interfaces right now.
Code:
auto eth0
iface eth0 inet static
address 67.202.x.x
gateway 67.202.x.1
netmask 255.255.255.0
auto lo
iface lo inet loopback
My server.conf
code....
I can get the VPN server running and everything connects fine from the client. I just don't know how to tunnel all the traffic through the VPS because it involves making the bridge which I'm having trouble with. What exactly am I supposed to put in /etc/network/interfaces?
View 1 Replies
View Related
Mar 1, 2011
I've set up a Lan-to-Lan (routed) OpenVPN tunnel. For redundancy I want to set up a second VPN tunnel on a fallback gateway/firewall on the client side. Currently, both sides (server/client) know how to route packets across each others physical LAN. So no NAT is used. When the primary gateway (fw1) is connected to the VPN server all traffic runs via the fw1 tunnel. Than when the secondary gateway (fw2) connects to the VPN server and fw1 is still connected all traffic for fw1 will be delivered to fw2 and effectively destroying traffic intended for fw1. This is of course no problem if I first shutdown (fence) fw1, than set up fw2 to use the gateway IP address from fw1 and set up the VPN tunnel to the VPN server. Effectively replacing fw1 with fw2 on the client side.
However, I can't seem to find a decent howto.
I am also exploring the possibility to let both tunnels active and let OpenVPN (or another tool) decide how to route packets back and forth the different LANs. A virtual IP between two gateway's both running a VPN or something similar. This would be the preferred method of course. However, I don't know how to tackle this one but I'm pretty sure there are people out there who are happy to share their 2 cents.
View 3 Replies
View Related
Mar 24, 2010
a client asked me to install ettercap on their linux gateway machine - two ethernet machine. I tried it in bridged mode, it but as soon as I start it, the traffic stops and no one can access anything. Did anyone ever succeed in running it on the gateway?
View 1 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Apr 6, 2010
I have been beating my head for the last few weeks on this problem, (although I have been taking the wrong approach, it seems).
I need a gateway to direct web traffic to three separate servers/domains. I have been trying to do this with both a dns server and , (seperatly), apache server to forward requests. The dns server was a no go, and <i can only get apache to redirect http and ftp.
After Googling this ALOT, I believe that what I need is a gateway server to redirect my traffic to the 3 different servers. I have been reading about using using nat and iptables for this and was wondering if anyone had any advice/suggestions on this. The other thought I had was to use something like pfSense to create the gateway, but I am still reading the documentation, and I am unsure if this approach will work.
View 1 Replies
View Related
Mar 15, 2011
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
View 1 Replies
View Related
Sep 27, 2009
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
View 3 Replies
View Related
Jul 20, 2010
I'm trying to create a VPN through SSH but encounter the following:
Code:
[18:42:11]root@bronzhip:/home/casey# sudo ssh -w 0:0 97.**.***.221 -i VPN
channel 0: open failed: administratively prohibited: open failed
[code]....
View 6 Replies
View Related
Mar 24, 2011
I'm trying to set up a secure web tunnel at home I have an Ubuntu box (desktop), a Mac, and a Windows 7 box. I use all of them for different reasons. I want to be able to route traffic from my browser through my Ubuntu box. I have done this before with proxy servers abroad, but I want to do it using ssh and my box at home so I don't have to pay for a service i.e (Secure Tunnel)etc.
I followed the instructions at http://bit.ly/hAnp6u. However, using my Win7 box, after I set the browser part per the instructions, I get no connection from the browser.
View 1 Replies
View Related
Oct 21, 2010
Is it possible to chain together multiple SSH tunnel hops in a single `ssh -L` command on the client side? I have two gateways I need to get through in order to access a remote host. For a normal SSH client connection, it's simple enough chain this all together by simply appending the additional SSH connection commands to the first one:Code: ssh gateway.1 ssh gateway.2 ssh remote.host.
View 6 Replies
View Related
Jun 20, 2010
I have a headless server, running Fedora 13. I want to make a ssh tunnel to that server from laptop that is also running Fedora 13. Logging into that server over ssh works well, X11 forwarding also works, but I can't establish a ssh tunnel.
At the moment I was trying to connect two small python tcp sample programs, that communicate through port 8000. Running them both on my laptop works well.
What I am trying to do is that I am making two seperate ssh connections to my server, let's say it's address is myserver.com.
1) I make a 'standard' ssh connection to it
Code:
And run the server program
2) I open another terminal window and make the tunnel
Code:
3) I open 3rd terminal window and try to run the client program, that is trying to connect to localhost:8000.
If I understand it correctly, the client should now connect to localhost:8000, ssh would discover that and send that data to myserver.com port 8000. Then the server program on myserver.com is listening on that port and should get that data and send "hello world" string back to the client. Then the client should get that, print it to stdout and exit.
Unfortunatly all what it does is that it just hangs for about ten seconds and then says "connection lost" (timeout?)
I have tried other programs, they also timout.
By passing the -v argument to ssh it outputs:
Code:
When I try to connect the client it prints four more lines:
Code:
So as you see, it says that the connection times out..Also can anybody tell what the "Unspecified GSS failure." means? The possible break in attempt is caused by connecting to the server using the myserver.com address while being in the same local network with the server. If I connect using server's local ip address (ie. 192.168.1.xxx), the message dissappears.
View 5 Replies
View Related
Oct 3, 2010
I Need to make an SSL tunnel over SSH, I need to create exactly an SSL tunnel,I have a situation like that, I heared it is possible,but don't know how to create an SSL tunnel over SSH i am having putty installed on my pc,So i think i can use putty for this purpose, But i don't know how to do this.
View 1 Replies
View Related
Aug 3, 2011
I wanted to create an ssh tunnel but I do not know what commands to run .. my environment is as follows:
LAN Internet Office LAN
Home PC <-> Linux firewall <-> http server..
According to the above what I figure is that I have an internal web server at my job and I need to create a tunnel to access the web server from my PC in my home. I know I can do a port forwarding with the firewall but I don't want to publish this web server to Internet. My home PC and both servers (firewall and web) are ubuntu. My idea is create a ssh tunnel that forward port 8080 on localhost in my home pc, to the firewall (obviously with public ip), and the the firewall forward to port 80 on office web server at my job. Note that the firewall accepts ssh connections to port 22, same for web server...
View 2 Replies
View Related
Jun 8, 2010
i need possible direction on setting up a tunnel between 2 different network. The tunnel will be used by devices from the 2 different network to communicate with each other (for eg DevA and DevB).
DevA <-> Linux A <=====================> Linux B <-> DevB
View 3 Replies
View Related
Mar 10, 2010
My school network uses a http proxy to access the internet, but I am dubious about the security, and so I would like to use http inside ssh to keep my data secure. I don't really know where to start on this, so a step-by-step guide, or links to resources, would be helpful.
View 2 Replies
View Related
Aug 13, 2010
I'm trying to implement a routing short-cut solution, whose requirement is as following: server1(Linux) sends ip packets(destined to server3) to server2(Linux) via an ip tunnel between them, server2 forwards the ip tunnel's output (the inner ip packets) to server3. Each server has only one NIC and a public ip associated with it. All servers can communicate with each other. I'm sure the ip tunnel between server1 and server2 was configured correctly and worked well. server2's ip_forward was enabled too. On server2, I can capture the traffic on the ip tunnel interface, and they are originated from server1 and destined to server3. The problem is server2 does not forward the ip tunnel's output at all. On server2, I just run "echo 1 > /proc/sys/net/ipv4/ip_forward". Is there anything I missed for enabling ip_forward? Or originally, ip forward can't work on servers with only one NIC, can it?
View 3 Replies
View Related
Apr 18, 2011
I have 2 linux servers in different locations. I need to setup a ip tunnel. I follow this steps on both servers:
Server1: ip tunnel add tun0 mode ipip local IP_Server1 remote IP_Server2 dev ethX ip l s tun0 up ip a a 10.10.10.1 peer 10.10.10.2 dev tun0
Server2: ip tunnel add tun0 mode ipip local IP_Server2 remote IP_Server1 dev ethX ip l s tun0 up ip a a 10.10.10.2 peer 10.10.10.1 dev tun0
After creating the tunnel everything is ok, but after a time(maybe some hours), I can't ping the other end of the tunnel (ping to IP_Server1 and IP_Server2 is ok all the time; the connection to internet is very reliable). I have tried "ipip" and "gre" mode, but same result. If I ping from two servers the other end of the tunnel, the connection is again established for some hours and ping is working in both directions.(if I ping only from one side the ping is not working) How can I resolve this issue for no longer having to log on both servers to ping the other end of the tunnel? If I use an crondjob to ping the other end of the tunnel at 2 hours everything is working fine for weeks, but I need other solution.
View 5 Replies
View Related
Oct 6, 2010
I've been running a DebLenny system on the network which acts as the local gateway. It has 2 network cards and traffic is directed as follows:
Code:
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
However, I'd now like to put all the outgoing traffic through a remote system which will further handle the outgoing data (Squid, etc) via the PPPTP device. What would be the most efficient way by which I could achieve this?
View 1 Replies
View Related
Apr 5, 2010
I am building up a site-to-site OpenVPN tunnel between two locations. I am setting this up in two CentOS 5.4 boxes each containing two NIC's. I can get the tunnel up and running, and I can ping across the tunnel, however, from the client end of the tunnel I can not ping anything behind the server end of the tunnel. In other words, I can't ping anything on the server's LAN. On both servers, eth0 is the WAN side and eth1 is the LAN side.
OpenVPN server:
eth1 - 10.10.202.2/24
OpenVPN client-server:
eth1 - 192.168.204.1/24
I have IP forwarding enabled in the kernel on both machines.
Code:
[root@vpn01 openvpn]# cat /proc/sys/net/ipv4/ip_forward
[Code]...
I'm sure that the answer is right in front of me, but I can't seem to get it cleared up. I can't hit anything on the 192.168.1.0/24, 192.168.2.0/24, 10.10.4.0 or 10.10.202.0 networks from the client server.
View 14 Replies
View Related
Mar 1, 2011
Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it.So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.
View 1 Replies
View Related
Feb 10, 2011
I have two firewalls, one primary (fw1) and one fall-back/backup (fw2). On the LAN side the fw's reside in the same LAN segment. I have a client who wants VPN redundancy. So I configured two VPN tunnels for this client. One via fw1 and a backup via fw2. Since the default gateway on the VPN server points to fw1 only the tunnel via fw1 is established. OpenVPN can't establish a tunnel via fw2 because of the gateway and just sits there waiting...
View 1 Replies
View Related
Jan 31, 2010
so i start it with ssh -f -R 4096:localhost:22 me@server.com and it comes up and someone can log in at the remote end. how do i close the tunnel from the initiating end ? netstat doesnt seem to identify my end of the tunnel , unless im looking for the wrong thing!
View 1 Replies
View Related
Jan 31, 2010
Browsing via SSH Tunnel very slow When browsing in firefox at work via proxy through ssh on my 8.04 server the speed is near dial up. I have compression enabled, tried restarting ssh, and rebooting the server but it remains so sluggish. At home the connection is quick but the speed is lost in translation once I ssh in. I also tried adding "UseDNS no" to the ssh config but that did not help with the slow login or any other speed issues.
View 5 Replies
View Related
